ACTIVE ELECTROTECHNICAL INDUSTRY AND TRADE JOINT STOCK COMPANY PERSONAL DATA PROCESSING DISCLOSURE STATEMENT

At Aktif Elektroteknik Sanayi Ve Ticaret Anonim Şirketi, we place utmost importance on the security of personal data pertaining to both natural and legal persons, including those employed by entities in a commercial relationship with us. With this awareness, we as a company ensure that all personal data related to all individuals connected to the Company are processed and stored in compliance with Law No. 6698 on the Protection of Personal Data. Fully aware of our responsibility, we process your personal data as a Data Controller within the prescribed legal limits and as detailed below.

1.1 Collection, Processing, and Objectives of Processing Personal Data Your personal data may be collected via various methods including email, accounting systems, Social Insurance Institution Platforms, and similar tools; verbally, in writing, or electronically, tailored to the service, product, or business activity provided by our Company. As long as you utilize our company’s products and services, your personal data will continue to be processed and updated. Moreover, your personal data will be processed when you use our call center or website intending to use our services, or when you participate in any training/webinars conducted under our commercial operations. The collected personal data will be processed to enhance your experience with the products and services provided by our company, to personalize these services and products based on your preferences, usage habits, and needs, and to ensure the legal and commercial security of our company and those we have business relationships with (administrative operations related to communication by our company, securing and inspecting the physical security of Company locations, evaluating business partner/customer/supplier [shareholders, officials, or employees], legal compliance processes, financial operations, etc.), to determine and implement the commercial and business strategies of our company, and to administer our company’s human resources policies, within the scope of personal data processing conditions and purposes specified in Articles 5 and 6 of the KVK Law.

1.2 Disclosure of Processed Personal Data Collected personal data may be shared with our domestic and international business partners, suppliers, group companies, shareholders, company officials, legally authorized public institutions and individuals, for the purposes outlined above, under the personal data processing conditions and purposes specified in Articles 8 and 9 of the KVK Law, to enable your use of our products and services, to personalize these products and services according to your preferences, usage habits, and needs, to ensure the legal and commercial security of our company and our business partners, to define and implement the commercial and business strategies of our company, and to manage our company’s human resources policies.

1.3 Methods and Legal Basis for Collecting Personal Data Your personal data are collected through various verbal, written, or electronic media based on the objectives stated above, in order to provide our company’s products and services within the determined legal framework, enabling our company to fulfill its contractual and legal obligations accurately and completely. These personal data collected for legal reasons are processed and transferred in accordance with the purposes specified in sections (1) and (2) of this text, within the scope of personal data processing conditions and purposes stated in Articles 5 and 6 of the KVK Law.

1.4 Rights of Personal Data Owners Under Article 11 of the KVK Law As personal data owners, you can submit your requests concerning your rights to our company through the methods outlined in this Disclosure Statement. Our company will conclude your request as soon as possible and free of charge within thirty days at the latest. However, if a fee is envisaged by the Personal Data Protection Board, our company may charge a fee according to the tariff determined by the Board. Personal data owners have the right to:

• Learn whether their personal data is being processed,
• Request information if their personal data has been processed,
• Know the purpose of data processing and whether this data is used for intended purposes,
• Know the third parties to whom the personal data is transferred domestically or internationally,
• Request the rectification of the incomplete or inaccurate data, if any, and to request notification of the operations performed to third parties to whom the personal data has been transferred,
• Request the deletion or destruction of personal data under the conditions set forth in Article 7 of the KVK Law, and to request notification of the operations performed to third parties to whom the personal data has been transferred,
• Object to any result that is to their detriment arising from the analysis of the processed data exclusively through automated systems,
• Request compensation for the damages in case of loss due to the unlawful processing of personal data. Under Article 13, Paragraph 1 of the KVK Law, you may communicate your requests to exercise the above-mentioned rights to our company in writing or through other methods determined by the Personal Data Protection Board. As the Board has not specified any method at this stage, you must submit your applications in writing to our company in accordance with the KVK Law. You can submit your written applications through the channels and procedures explained below within the scope of Article 11 of the KVK Law.